
The Bank of England has been handed powers to regulate important tech firms including Amazon and Google from next week, amid fears that system failures could threaten financial stability and harm consumers.
From Monday, the Bank and fellow City regulator the Financial Conduct Authority (FCA) will be in charge of ensuring that four large-scale providers of cloud and tech services to banks are resilient and actively reducing the risk of cyber-attacks and major outages that could disrupt services for millions of people and businesses across the UK.
This will mean having “direct” oversight of local arms of Amazon Web Services, Google Cloud, Oracle and Microsoft, all of which have been identified as “critical third parties” by the UK government, according to an announcement on Friday.
The companies will have to prove they are carrying out adequate stress testing, showing how they respond to imagined emergency scenarios that puts their operations under severe strain. They will also be forced to report to the Bank of England and FCA any major incidents such as cyber-attacks, power outages and the impacts of natural disasters.
The companies’ technologies have become a crucial part of the day-to-day banking operations, including to store data, run automated fraud detection programmes and carry out digital banking services.
However, relying more on online technologies – and a move away from physical branches and cash – has come with risks, with glitches half a world away causing large-scale chaos for everyday banking customers up and down the UK.
Last October, Lloyds Banking Group was among more than 2,000 companies whose online services were disrupted by a glitch at Amazon’s cloud computing services operations in Northern Virginia, a major tech hub near Washington DC. The episode prompted renewed warnings over the perils of relying on a small number of foreign firms for operating services across the internet, including crucial government and financial services.
Overall, customers at Britain’s main banks and building societies suffered the equivalent of more than a month’s-worth of IT failures between 2023 and 2025, according to the Treasury committee.
The UK government came under fire for dragging its feet and taking more than 18 months to decide which companies should be supervised by British financial regulators, who were given the theoretical powers to do so back in January 2025.
The question of which companies should be regulated is understood to have been a sensitive topic among Labour ministers, who have been trying to attract investment into the UK, including from big US tech firms.
However, all four companies publicly welcomed the announcement, issuing statements alongside the official release saying they supported the government’s objectives of boosting the resilience of the UK’s financial sector.
Treasury committee chair, Meg Hillier, said the government now needed to go further and consider putting AI firms under regulator’s watch: “To finally see movement on this after we have pressed for months, including in our recent AI report, is a huge step forward. The Treasury is finally putting its powers to good use by improving oversight of the tech firms which our financial system relies upon.
“As the use of AI in financial services expands, I believe there may come a time when the government needs to consider designating specific AI firms under the Critical Third Parties Regime. This should be monitored closely to ensure the country is not vulnerable in the event of a failure at a major provider.”
View original source — The Guardian ↗



